7.2

CVE-2019-1649

A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality.

The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image.

An attacker will need to fulfill all the following conditions to attempt to exploit this vulnerability:
   Have privileged administrative access to the device.
   Be able to access the underlying operating system running on the device; this can be achieved either by using a supported, documented mechanism or by exploiting another vulnerability that would provide an attacker with such access.
   Develop or have access to a platform-specific exploit.

An attacker attempting to exploit this vulnerability across multiple affected platforms would need to research each one of those platforms and then develop a platform-specific exploit. Although the research process could be reused across different platforms, an exploit developed for a given hardware platform is unlikely to work on a different hardware platform.

Data provided by the National Vulnerability Database (NVD)
CiscoAsa 5500 Firmware Version < 1.1.15
   CiscoAsa 5506-x Version-
   CiscoAsa 5506h-x Version-
   CiscoAsa 5506w-x Version-
   CiscoAsa 5508-x Version-
   CiscoAsa 5516-x Version-
CiscoFirepower 2100 Firmware Version < 2.6.1.134
   CiscoFirepower 2110 Version-
   CiscoFirepower 2120 Version-
   CiscoFirepower 2130 Version-
   CiscoFirepower 2140 Version-
CiscoFirepower 4000 Firmware Version < 1.0.18
   CiscoFirepower 4110 Version-
   CiscoFirepower 4120 Version-
   CiscoFirepower 4140 Version-
   CiscoFirepower 4150 Version-
CiscoFirepower 9000 Firmware Version < 1.0.18
   CiscoFirepower 9300 Version-
CiscoOns 15454 Mstp Firmware Version < 11.1
   CiscoOns 15454 Mstp Version-
CiscoAnalog Voice Network Interface Modules Firmware HwPlatform4000_series_isrs
   CiscoNim-2bri-nt/te Version-
   CiscoNim-2fox Version-
   CiscoNim-2fxs Version-
   CiscoNim-2fxs/4fxo Version-
   CiscoNim-2fxs/4fxop Version-
   CiscoNim-2fxsp Version-
   CiscoNim-4bri-nt/te Version-
   CiscoNim-4e/m Version-
   CiscoNim-4fxo Version-
   CiscoNim-4fxs Version-
   CiscoNim-4fxsp Version-
CiscoIntegrated Services Router T1/e1 Voice And Wan Network Interface Modules Firmware HwPlatform4000_series
   CiscoNim-1ce1t1-pri Version-
   CiscoNim-1mft-t1/e1 Version-
   CiscoNim-2ce1t1-pri Version-
   CiscoNim-2mft-t1/e1 Version-
   CiscoNim-4mft-t1/e1 Version-
   CiscoNim-8ce1t1-pri Version-
   CiscoNim-8mft-t1/e1 Version-
CiscoSupervisor A+ Firmware HwPlatformnexus_9500
   CiscoN9k-sup-a+ Version-
CiscoSupervisor B+ Firmware HwPlatformnexus_9500
   CiscoN9k-sup-b+ Version-
Cisco15454-m-wse-k9 Firmware Version < 11.1
   Cisco15454-m-wse-k9 Version-
CiscoIos Xe Version < 16.12.1
CiscoIos Xe Version < 16.3.9
   CiscoNim-1ge-cu-sfp Version-
   CiscoNim-2ge-cu-sfp Version-
   CiscoSm-x-pvdm-1000 Version-
   CiscoSm-x-pvdm-2000 Version-
   CiscoSm-x-pvdm-3000 Version-
   CiscoSm-x-pvdm-500 Version-
CiscoIos Xe Version >= 16.4.0 < 16.6.7
   CiscoNim-1ge-cu-sfp Version-
   CiscoNim-2ge-cu-sfp Version-
   CiscoSm-x-pvdm-1000 Version-
   CiscoSm-x-pvdm-2000 Version-
   CiscoSm-x-pvdm-3000 Version-
   CiscoSm-x-pvdm-500 Version-
CiscoIos Xe Version >= 16.7.0 < 16.9.4
   CiscoNim-1ge-cu-sfp Version-
   CiscoNim-2ge-cu-sfp Version-
   CiscoSm-x-pvdm-1000 Version-
   CiscoSm-x-pvdm-2000 Version-
   CiscoSm-x-pvdm-3000 Version-
   CiscoSm-x-pvdm-500 Version-
CiscoIos Xe Version >= 16.10.0 < 16.12.1
   CiscoNim-1ge-cu-sfp Version-
   CiscoNim-2ge-cu-sfp Version-
   CiscoSm-x-pvdm-1000 Version-
   CiscoSm-x-pvdm-2000 Version-
   CiscoSm-x-pvdm-3000 Version-
   CiscoSm-x-pvdm-500 Version-
CiscoIos Version < 15.6(3)m7
   Cisco1120 Connected Grid Router Version-
   Cisco1240 Connected Grid Router Version-
CiscoIos Version >= 15.7 <= 15.7(3)m5
   Cisco1120 Connected Grid Router Version-
   Cisco1240 Connected Grid Router Version-
CiscoIos Version >= 15.8 < 15.8(3)m3
   Cisco1120 Connected Grid Router Version-
   Cisco1240 Connected Grid Router Version-
CiscoIos Version >= 15.9 < 15.9(3)m
   Cisco1120 Connected Grid Router Version-
   Cisco1240 Connected Grid Router Version-
CiscoIos Version < 15.6(3)m6b
CiscoIos Version >= 15.7 <= 15.7(3)m4b
CiscoIos Version >= 15.8 < 15.8(3)m2a
CiscoAsr 1000 Series Firmware
   CiscoAsr 1000-esp100 Version-
   CiscoAsr 1000 Series Version-
   CiscoAsr1000-2t+20x1ge Version-
   CiscoAsr1000-6tge Version-
   CiscoAsr1000-esp200 Version-
   CiscoAsr1000-mip100 Version-
   CiscoAsr1000-rp3 Version-
CiscoAsr 1001 Firmware Version16.0.0
   CiscoAsr 1001-hx Version-
   CiscoAsr 1001-x Version-
   CiscoAsr 1002-hx Version-
CiscoIos Xe Version < 16.2.1
   CiscoA900-rsp2a-128 Version-
   CiscoA900-rsp2a-64 Version-
   CiscoA900-rsp3c-200 Version-
   CiscoA900-rsp3c-400/w Version-
   CiscoAsr-920-10sz-pd Version-
   CiscoAsr-920-12cz-a Version-
   CiscoAsr-920-12cz-d Version-
   CiscoAsr-920-12sz-a Version-
   CiscoAsr-920-12sz-d Version-
   CiscoAsr-920-12sz-im-cc Version-
   CiscoAsr-920-24sz-m Version-
   CiscoAsr-920-24tz-im Version-
   CiscoAsr-920-24tz-m Version-
   CiscoAsr-920-4sz-a Version-
   CiscoAsr-920-4sz-d Version-
   CiscoC9300-24p Version-
   CiscoC9300-24t Version-
   CiscoC9300-24u Version-
   CiscoC9300-24ux Version-
   CiscoC9300-48p Version-
   CiscoC9300-48t Version-
   CiscoC9300-48u Version-
   CiscoC9300-48un Version-
   CiscoC9300-48uxm Version-
   CiscoCatalyst 9600 Supervisor Engine-1 Version-
   CiscoCbr-ccap-lc-40g-r Version-
   CiscoCbr-lc-8d31-16u31 Version-
CiscoIos Xr Version7.0.1
   CiscoA99-16x100ge-x-se Version-
   CiscoA99-32x100ge-cm Version-
   CiscoA99-32x100ge-tr Version-
   CiscoA99-rp3-se Version-
   CiscoA99-rp3-tr Version-
   CiscoA9k-16x100ge-cm Version-
   CiscoA9k-16x100ge-tr Version-
   CiscoA9k-rsp5-se Version-
   CiscoA9k-rsp5-tr Version-
   CiscoNetwork Convergence System 1002 Version-
CiscoIos Xe Version < 15.5(1)sy4
   CiscoC6800-16p10g-xl Version-
   CiscoC6800-32p10g-xl Version-
   CiscoC6800-8p10g-xl Version-
   CiscoC6800-8p40g-xl Version-
   CiscoC6800-sup6t-xl Version-
   CiscoC6816-x-le Version-
   CiscoC6824-x-le-40g Version-
   CiscoC6832-x-le Version-
   CiscoC6840-x-le-40g Version-
CiscoIos Xe Version < 16.9.4
   CiscoC9500-12q Version-
   CiscoC9500-16x Version-
   CiscoC9500-24q Version-
   CiscoC9500-24y4c Version-
   CiscoC9500-32c Version-
   CiscoC9500-32qc Version-
   CiscoC9500-40x Version-
   CiscoC9500-48y4c Version-
CiscoIos Xe Version >= 16.10 < 16.12.1
   CiscoC9500-12q Version-
   CiscoC9500-16x Version-
   CiscoC9500-24q Version-
   CiscoC9500-24y4c Version-
   CiscoC9500-32c Version-
   CiscoC9500-32qc Version-
   CiscoC9500-40x Version-
   CiscoC9500-48y4c Version-
CiscoIc3000-k9 Firmware Version < 1.0.2
   CiscoIc3000-k9 Version-
CiscoNx-os Version < 8.4.1
   CiscoDs-x9334-k9 Version-
CiscoNcs2k-mr-mxp-k9 Firmware Version < 11.1
   CiscoNcs2k-mr-mxp-k9 Version-
CiscoIos Xr Version7.1.1
   CiscoNc55-24h12f-se Version-
   CiscoNc55-36x100g-a-se Version-
   CiscoNc55-36x100g-s Version-
   CiscoNc55-5504-fc Version-
   CiscoNc55-5516-fc Version-
   CiscoNc55-6x200-dwdm-s Version-
   CiscoNc55-mod-a-s Version-
   CiscoNcs-5501 Version-
   CiscoNcs-5501-se Version-
   CiscoNcs-5502 Version-
   CiscoNcs-5502-se Version-
   CiscoNcs-55a1-24h Version-
   CiscoNcs-55a1-36h-s Version-
   CiscoNcs-55a1-36h-se Version-
   CiscoNcs-55a2-mod-hd-s Version-
   CiscoNcs-55a2-mod-hx-s Version-
   CiscoNcs-55a2-mod-s Version-
   CiscoNcs-55a2-mod-se-h-s Version-
   CiscoNcs-55a2-mod-se-s Version-
   CiscoNetwork Convergence System 5001 Version-
   CiscoNetwork Convergence System 5002 Version-
CiscoNx-os Version < 9.3(2)
   CiscoN3k-c31108pc-v Version-
   CiscoN3k-c31108tc-v Version-
   CiscoN3k-c3132c-z Version-
   CiscoN3k-c3264c-e Version-
   CiscoN9k-c92300yc Version-
   CiscoN9k-c93108tc-ex Version-
   CiscoN9k-c93108tc-fx Version-
   CiscoN9k-c93180lc-ex Version-
   CiscoN9k-c93180yc-ex Version-
   CiscoN9k-c93180yc-fx Version-
   CiscoN9k-c93240yc-fx2 Version-
   CiscoN9k-c9348gc-fxp Version-
CiscoNx-os Version < 8.4.1
   CiscoDs-x9648-1536k9 Version-
   CiscoN3k-c3264c-e Version-
   CiscoN77-m312cq-26l Version-
   CiscoN77-m348xp-23l Version-
   CiscoN77-sup3e Version-
   CiscoN7k-m324fq-25l Version-
   CiscoN7k-m348xp-25l Version-
CiscoSm-x-1t3/e3 Firmware Version-
   CiscoSm-x-1t3/e3 Version-
CiscoEncs 5100 Firmware Version-
   CiscoEncs 5100 Version-
CiscoEncs 5400 Firmware Version-
   CiscoEncs 5400 Version-
No CISA KEV or CERT.AT warning was found for this CVE.
EPSS Metrics

| Type | Source | Score | Percentile |
|------|--------|-------|------------|
| EPSS | FIRST.org | 0.23% | 0.464 |
CVSS Metrics

| Source | Base Score | Exploit Score | Impact Score | Vector String |
|--------|------------|---------------|--------------|---------------|
| nvd@nist.gov | 6.7 | 0.8 | 5.9 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| nvd@nist.gov | 7.2 | 3.9 | 10 | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| psirt@cisco.com | 6.7 | 0.8 | 5.9 | CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

CWE-667 Improper Locking

The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.